Critical Buffer Overflow Vulnerabilities Fixed in ArubaOS

CVE-2024-26305, CVE-2024-26304, CVE-2024-33511, CVE-2024-33512

Report by Matthew Fagan, Access Point Consulting

There are several vulnerabilities fixed in a recent HPE Aruba Networking security advisory which details multiple critical remote code execution (RCE) vulnerabilities. There are 4 critical vulnerabilities total:

1. CVE-2024-26305 (CVSSv3: 9.8) – Buffer overflow vulnerability by the Utility daemon leading to unauthenticated RCE utilizing specifically crafted packets sent to the PAPI (Aruba’s access point management protocol) over port 8211. Exploitation allows for the ability to execute arbitrary code as a privileged user on the operating system.
2. CVE-2204-26304 (CVSSv3: 9.8) - Buffer overflow vulnerability in the L2/L3 Managment service leading to unauthenticated RCE utilizing specifically crafted packets sent to the PAPI over port 8211.
3. CVE-2024-33511 (CVSSv3: 9.8) - Buffer overflow vulnerability in the Automatic Reporting service leading to unauthenticated RCE utilizing specifically crafted packets sent to the PAPI over port 8211.

CVE-2024-33512 (CVSSv3: 9.8) - Buffer overflow vulnerability in the Local User Authentication Database service leading to unauthenticated RCE utilizing specifically crafted packets sent to the PAPI over port 8211.

There is no evidence of these vulnerabilities being exploited as of right now according to the advisory.